Filters








3,433 Hits in 6.4 sec

Blind threshold signatures based on discrete logarithm [chapter]

Wen-Shenq Juang, Chin-Laung Lei
1996 Lecture Notes in Computer Science  
In this paper, we propose two group-oriented (t; n) blind threshold signature schemes based on the discrete logarithm problem.  ...  The security of our schemes rely on the di culty of computing discrete logarithm.  ...  In this paper, we propose two e cient blind threshold signature schemes based on the discrete logarithm problem.  ... 
doi:10.1007/bfb0027790 fatcat:sqzxmk2xbfalfarpsi63cvzagi

Page 728 of Mathematical Reviews Vol. , Issue 2004a [page]

2004 Mathematical Reviews  
However, most existing proxy signature schemes are based on the discrete logarithm problem.  ...  In this paper, the au- thor proposes two efficient proxy signature schemes based on the factoring problem, which combine the RSA signature scheme and the Guillou-Quisquater signature scheme.  ... 

Fail-Stop Group Signature Scheme [article]

Yi-Yuan Chiang, Wang-Hsin Hsu, Wen-Yen Lin, Jonathan Jen-Rong Chen
2018 arXiv   pre-print
In this paper, we propose a Fail-Stop Group Signature Scheme (FSGSS).  ...  Based on the above objectives, this paper proposes three lemmas and proves that they are indeed feasible.  ...  In other words, they combine threshold [10] [11] and fail-stop signatures.  ... 
arXiv:1809.01540v1 fatcat:kc2ktiujwrd67p2vkeccewkix4

Fail-Stop Group Signature Scheme

Jonathan Jen-Rong Chen, Yi-Yuan Chiang, Wang-Hsin Hsu, Wen-Yen Lin, Xiaokang Zhou
2021 Security and Communication Networks  
In this study, a fail-stop group signature scheme (FSGSS) that combines the features of group and fail-stop signatures to enhance the security level of the original group signature is proposed.  ...  Based on the aforementioned objectives, this study proposes three lemmas and proves that they are indeed feasible.  ...  We will always miss you and continue your unfinished wishes. Hope you rest in peace. is research is partially supported by the "Higher Education Sprout Project," Ministry of Education, Taiwan.  ... 
doi:10.1155/2021/6693726 fatcat:hl3fnernkfhcvfdicwssnohtpi

Page 7179 of Mathematical Reviews Vol. , Issue 96k [page]

1996 Mathematical Reviews  
Variants of signatures such as one-time signatures, undeniable signatures and fail-stop signatures are dis- cussed. Some attacks are missing, e.g., Saltzer’s to deny signatures.  ...  The book describes the important ElGamal system, which is based on discrete logarithms, the McEliece code which uses error-correcting codes, elliptic curve systems, and the broken Merkle-Hellman knapsack  ... 

A key recovery attack on discrete log-based schemes using a prime order subgroup [chapter]

Chae Hoon Lim, Pil Joong Lee
1997 Lecture Notes in Computer Science  
In this paper we present a key recovery attack on various discrete log-based schemes working in a prime order subgroup.  ...  However, there are many protocols based on the discrete logarithm problem that turn out to leak many of the secret key bits from this oracle attack, unless suitable checkings are carried out.  ...  Introduction Many cryptographic protocols have been developed based on the discrete logarithm problem.  ... 
doi:10.1007/bfb0052240 fatcat:l4oani6kxfha7o76dkkgg3hp4e

Threshold Cryptosystems Based on Factoring [chapter]

Jonathan Katz, Moti Yung
2002 Lecture Notes in Computer Science  
We describe a threshold version of a variant of the signature standards ISO 9796-2 and PKCS#1 v1.5 (cf. [39, Section 11.3.4]), thus giving the first threshold signature scheme whose security (in the random  ...  This is a new paradigm for threshold cryptosystems based on a composite modulus, differing from the typical treatment of RSA-based systems where a "decryption exponent" is shared among the participants  ...  The approach was initiated by [17, 18, 19] , and the first provably secure schemes for RSA-and discrete-logarithm-based signature schemes were given in [16, 30, 35] .  ... 
doi:10.1007/3-540-36178-2_12 fatcat:7bwxgcevvjftffeuel2efy2cru

Practical Threshold RSA Signatures without a Trusted Dealer [chapter]

Ivan Damgård, Maciej Koprowski
2001 Lecture Notes in Computer Science  
We propose a threshold RSA scheme which is as efficient as the fastest previous threshold RSA scheme (by Shoup), but where two assumptions needed in Shoup's and in previous schemes can be dropped, namely  ...  The robustness (but not the unforgeability) of our scheme depends on a new intractability assumption, in addition to security of the underlying standard RSA scheme.  ...  Threshold schemes based on the discrete log problem are relatively straightforward to build, and have been known for a long time.  ... 
doi:10.1007/3-540-44987-6_10 fatcat:tei4nrjnyjfgxdfq5lfidxeq7i

Practical Threshold RSA Signatures Without a Trusted Dealer

Ivan B. Damgård, Maciej Koprowski
2000 BRICS Report Series  
We propose a threshold RSA scheme which is as efficient as the fastest previous<br />threshold RSA scheme (by Shoup), but where two assumptions needed in Shoup's and in<br />previous schemes can be dropped  ...  , namely that the modulus must be a product of safe primes<br />and that a trusted dealer generates the keys.  ...  Threshold schemes based on the discrete log problem are relatively straightforward to build, and have been known for a long time.  ... 
doi:10.7146/brics.v7i30.20164 fatcat:m53olpfbbbdgxf4itbwtcnai34

Limitations of the Meta-reduction Technique: The Case of Schnorr Signatures [chapter]

Marc Fischlin, Nils Fleischhacker
2013 Lecture Notes in Computer Science  
The well-known proof by Pointcheval and Stern for such signature schemes (Journal of Cryptology, 2000) relies on the ability to re-program the random oracle, and it has been unknown if this property is  ...  We also use meta-reductions to show that the security of Schnorr signatures cannot be proven equivalent to the discrete logarithm problem without programming the random oracle.  ...  Nils Fleischhacker was supported by the German Federal Ministry of Education and Research (BMBF) through funding for the Center for IT-Security, Privacy and Accountability (CISPAwww.cispa-security.org)  ... 
doi:10.1007/978-3-642-38348-9_27 fatcat:m54dyqyajzhvrpdwxgajwa367e

AN EFFICIENT DISTRIBUTED KEY GENERATION PROTOCOL FOR TRANSIENT CLOUDS

Mona Lackousha, Hisham Dahshan, Nabil Shaker
2017 Journal of Al-Azhar University Engineering Sector  
In this paper, a proposed elliptic curve based distributed key generation (ECDKG) scheme for Transient Clouds is presented.  ...  Performance analysis showed that this scheme not only has strong security, but also has less computational and communication costs.  ...  Extensive research in cloud security includes several techniques for distributed key generation (DKG) protocols are based on either discrete logarithm problem (DLP) over a finite field or integer factorization  ... 
doi:10.21608/auej.2017.19289 fatcat:f7ct3xcevbd6dn2vrawooprm5e

Robustness Principles for Public Key Protocols [chapter]

Ross Anderson, Roger Needham
1995 Lecture Notes in Computer Science  
We present a number of attacks, some new, on public key protocols.  ...  We also advance a number of principles which may help designers avoid many of the pitfalls, and help attackers spot errors which can be exploited.  ...  Since Bob can factor ng and its factors are only 250-300 bits long, he can work out discrete logarithms with respect to them and then use the Chinese Remainder theorem to get discrete logs modulo ng.  ... 
doi:10.1007/3-540-44750-4_19 fatcat:u4y5egfii5fdbdah4zrxl63naq

ID-Based Blind Signature and Ring Signature from Pairings [chapter]

Fangguo Zhang, Kwangjo Kim
2002 Lecture Notes in Computer Science  
In this paper, we firstly propose an ID-based blind signature scheme and an ID-based ring signature scheme, both of which are based on the bilinear pairings.  ...  Blind signature and ring signature are very useful to provide the user's anonymity and the signer's privacy. They are playing an important role in building e-commerce.  ...  Acknowledgements The authors are grateful to the anonymous reviewers for their valuable suggestions and comments on this paper.  ... 
doi:10.1007/3-540-36178-2_33 fatcat:tthufzhg35cmtlntjqzj4gmuty

Enhanced Privacy ID: A Direct Anonymous Attestation Scheme with Enhanced Revocation Capabilities

Ernie Brickell, Jiangtao Li
2012 IEEE Transactions on Dependable and Secure Computing  
Our EPID scheme is efficient and provably secure in the same security model as DAA, i.e. in the random oracle model under the strong RSA assumption and the decisional Diffie-Hellman assumption.  ...  In the DAA scheme, a TPM can be revoked only if the DAA private key in the hardware has been extracted and published widely so that verifiers obtain the corrupted private key.  ...  If this is the case, A computed the discrete logarithm of K based on B, so S stops and outputs "failure 5".  ... 
doi:10.1109/tdsc.2011.63 fatcat:h5godqdybferzbubphefo75a4m

Enhanced privacy id

Ernie Brickell, Jiangtao Li
2007 Proceedings of the 2007 ACM workshop on Privacy in electronic society - WPES '07  
Our EPID scheme is efficient and provably secure in the same security model as DAA, i.e. in the random oracle model under the strong RSA assumption and the decisional Diffie-Hellman assumption.  ...  In the DAA scheme, a TPM can be revoked only if the DAA private key in the hardware has been extracted and published widely so that verifiers obtain the corrupted private key.  ...  If this is the case, A computed the discrete logarithm of K based on B, so S stops and outputs "failure 5".  ... 
doi:10.1145/1314333.1314337 dblp:conf/wpes/BrickellL07 fatcat:m2spdmlj3bfzneoptsdkggqokm
« Previous Showing results 1 — 15 out of 3,433 results